1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 use std::ffi::{c_char, CString};
17 use std::ptr;
18
19 use asset_constants::{CallingInfo, OwnerType};
20 use asset_crypto_manager::{crypto::*, crypto_manager::*, secret_key::*};
21 use asset_definition::{Accessibility, AuthType, ErrCode};
22
23 pub const AAD_SIZE: u32 = 8;
24
25 #[repr(C)]
26 struct TokenInfoParams {
27 dcaps_num: i32,
28 perms_num: i32,
29 acls_num: i32,
30 dcaps: *const *const c_char,
31 perms: *const *const c_char,
32 acls: *const *const c_char,
33 process_name: *const c_char,
34 apl_str: *const c_char,
35 }
36
37 extern "C" {
GetAccessTokenId(token_info: *mut TokenInfoParams) -> u6438 fn GetAccessTokenId(token_info: *mut TokenInfoParams) -> u64;
SetSelfTokenID(token_id: u64) -> i3239 fn SetSelfTokenID(token_id: u64) -> i32;
40 }
41
42 /// Init access token ID for current process
grant_self_permission() -> i3243 fn grant_self_permission() -> i32 {
44 let perms_str = CString::new("ohos.permission.INTERACT_ACROSS_LOCAL_ACCOUNTS").unwrap();
45 let name = CString::new("asset_bin_test").unwrap();
46 let apl = CString::new("system_basic").unwrap();
47 let mut param = TokenInfoParams {
48 dcaps_num: 0,
49 perms_num: 1,
50 acls_num: 0,
51 dcaps: ptr::null(),
52 perms: &perms_str.as_ptr(),
53 acls: ptr::null(),
54 process_name: name.as_ptr(),
55 apl_str: apl.as_ptr(),
56 };
57
58 unsafe {
59 let token_id = GetAccessTokenId(&mut param as *mut TokenInfoParams);
60 SetSelfTokenID(token_id)
61 }
62 }
63
64 #[test]
generate_and_delete()65 fn generate_and_delete() {
66 assert_eq!(0, grant_self_permission());
67 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2']);
68 let secret_key = SecretKey::new(&calling_info, AuthType::None, Accessibility::DevicePowerOn, false);
69 secret_key.generate().unwrap();
70 secret_key.exists().unwrap();
71 let _ = SecretKey::delete_by_owner(&calling_info);
72 assert!(secret_key.delete().is_ok())
73 }
74
75 #[test]
encrypt_and_decrypt()76 fn encrypt_and_decrypt() {
77 assert_eq!(0, grant_self_permission());
78 // generate key
79 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2']);
80 let secret_key = SecretKey::new(&calling_info, AuthType::None, Accessibility::DevicePowerOn, false);
81 secret_key.generate().unwrap();
82
83 // encrypt data
84 let msg = vec![1, 2, 3, 4, 5, 6];
85 let aad = vec![0; AAD_SIZE as usize];
86 let cipher = Crypto::encrypt(&secret_key, &msg, &aad).unwrap();
87 assert!(!cipher.eq(&msg));
88
89 // decrypt data
90 let plaintext = Crypto::decrypt(&secret_key, &cipher, &aad).unwrap();
91 assert!(plaintext.eq(&msg));
92
93 // delete key
94 let _ = secret_key.delete();
95 }
96
97 #[test]
crypto_init()98 fn crypto_init() {
99 assert_eq!(0, grant_self_permission());
100 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2']);
101 let secret_key = SecretKey::new(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false);
102 secret_key.generate().unwrap();
103
104 let mut crypto = Crypto::build(secret_key.clone(), 600).unwrap();
105 crypto.init_key().unwrap();
106 let _ = secret_key.delete();
107 }
108
109 #[test]
crypto_exec()110 fn crypto_exec() {
111 assert_eq!(0, grant_self_permission());
112 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2']);
113 let secret_key = SecretKey::new(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false);
114 secret_key.generate().unwrap();
115
116 let msg = vec![1, 2, 3, 4, 5, 6];
117 let aad = vec![0; AAD_SIZE as usize];
118 let cipher = Crypto::encrypt(&secret_key, &msg, &aad).unwrap();
119 let mut crypto = Crypto::build(secret_key.clone(), 600).unwrap();
120 crypto.init_key().unwrap();
121
122 let authtoken = vec![0; 148];
123 assert!(crypto.exec_crypt(&cipher, &aad, &authtoken).is_err());
124 let _ = secret_key.delete();
125 }
126
127 #[test]
crypto_manager()128 fn crypto_manager() {
129 assert_eq!(0, grant_self_permission());
130 let calling_info = CallingInfo::new(0, OwnerType::Native, vec![b'2']);
131 let secret_key1 = SecretKey::new(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false);
132 secret_key1.generate().unwrap();
133 let mut crypto1 = Crypto::build(secret_key1.clone(), 600).unwrap();
134 let challenge1 = crypto1.init_key().unwrap().clone();
135
136 let secret_key2 = SecretKey::new(&calling_info, AuthType::Any, Accessibility::DevicePowerOn, false);
137 secret_key2.generate().unwrap();
138 let mut crypto2 = Crypto::build(secret_key2.clone(), 600).unwrap();
139 let challenge2 = crypto2.init_key().unwrap().clone();
140
141 let arc_crypto_manager = CryptoManager::get_instance();
142 let mut crypto_manager = arc_crypto_manager.lock().unwrap();
143 crypto_manager.add(crypto1).unwrap();
144 crypto_manager.add(crypto2).unwrap();
145
146 let calling_info_2 = CallingInfo::new(0, OwnerType::Native, vec![b'3']);
147 crypto_manager.find(&calling_info, &challenge1).unwrap();
148 crypto_manager.find(&calling_info, &challenge2).unwrap();
149 assert_eq!(ErrCode::NotFound, crypto_manager.find(&calling_info_2, &challenge2).err().unwrap().code);
150
151 crypto_manager.remove(&calling_info, &challenge1);
152 crypto_manager.remove(&calling_info_2, &challenge2);
153 crypto_manager.find(&calling_info, &challenge2).unwrap();
154 crypto_manager.remove(&calling_info, &challenge2);
155 assert_eq!(ErrCode::NotFound, crypto_manager.find(&calling_info, &challenge2).err().unwrap().code);
156
157 crypto_manager.remove_need_device_unlocked();
158
159 let _ = secret_key1.delete();
160 let _ = secret_key2.delete();
161 }
162